Friday, May 15, 2020

Consuming an API, can't figure out how to authenticate

I'm using a REST API via guzzle HTTP in Laravel 5.4 that requires "basic authentication". I pass my ID and SECRET to the headers as:

'auth' => [
    $this->merchant_id,
    $this->generateAuthorizationToken($url, $method, $content)
],

And it works for GET and POST requests fine.

However, for certain requests, the API docs require a different authorization listed as follows.


REQUIRED HEADERS

Timestamp (must be the same as in signature calculation)

Content-MD5 (Base64 encoded MD5 sum for the request body contents. For GET requests content is always empty and content-MD5 is calculated of an empty string.)

Authorization: Authentication details. Format: apiKey <apikey>:<signature>. The value is a BASE64 encoding of binary SHA256 MAC of request details using secret as the secret key.


For those details there's also a calculation formula:

base64_encode(
    hmac_sha256_binary(
        :requestMethod + "\n" +
            :url + "\n" +
            "apiKey" + :apiKey + "\n" +
            :timestamp + "\n" +
            :base64ContentMd5,
        :apiSecret
    )
)

Request method should be PUT, URL should be the URL I'm posting to, the timestamp is kind of clear. What about the base64 content md5?

And where should I pass those - instead of what I currently have in auth in the header or?



via Chebli Mohamed
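
The header calculation quoted from the API docs above, worked through in PHP as an added example that is not part of the original post or the API's own code. The function name, the sample key, secret and URL, and the timestamp format are assumptions; the header names and the order of the signed fields come from the quoted docs.

```php
<?php
// Hypothetical helper (not from the API's SDK): builds the three required headers.
function buildSignedHeaders(string $method, string $url, string $body,
    string $apiKey, string $apiSecret, string $timestamp): array
{
    // Content-MD5: Base64 of the raw 16-byte MD5 digest (second argument true),
    // not of the 32-character hex string. For GET the docs hash the empty string.
    $contentMd5 = base64_encode(md5($body, true));

    // String to sign, fields in the order given by the quoted formula.
    // The formula joins "apiKey" and the key with no separator; followed literally.
    $stringToSign = implode("\n", [
        $method,
        $url,
        'apiKey' . $apiKey,
        $timestamp,          // must be the same value sent in the Timestamp header
        $contentMd5,
    ]);

    // Binary HMAC-SHA256 keyed with the secret (fourth argument true), then Base64.
    $signature = base64_encode(hash_hmac('sha256', $stringToSign, $apiSecret, true));

    return [
        'Timestamp'     => $timestamp,
        'Content-MD5'   => $contentMd5,
        'Authorization' => 'apiKey ' . $apiKey . ':' . $signature,
    ];
}

// Constructed sample values: not real credentials and not a real endpoint.
$body = json_encode(['amount' => 1000]);     // serialize once, sign these exact bytes
$headers = buildSignedHeaders(
    'PUT',
    'https://api.example.test/v1/orders/42',
    $body,
    'demo-key',
    'demo-secret',
    gmdate('Y-m-d\TH:i:s\Z')                 // assumed format; use the one the API specifies
);

// With Guzzle these go in the 'headers' request option and $body in 'body'.
// The 'auth' option is left out for such requests, since it sets its own
// Authorization header for basic authentication.
print_r($headers);
```

The signature only verifies if the bytes that were hashed are the bytes that are sent, so the body is serialized once and that same string is passed to the HTTP client.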
